Some embodiments described herein relate generally to detection of functionality in files, and, in particular, to inferring functionality in files based on file components extracted from the file and based on descriptors obtained via a network.
Malware, short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software and/or program code. Malware presents security risks and/or issues for computer systems.
Reverse engineering to understand the functionality of software, particularly of malicious software artifacts or malware, is desirable for designing solutions to the malware. It is currently a slow, manual process requiring expensive expert labor.
Accordingly, a need exists for automatic malware capability identification based on commonly available technical documents.